Re: [OAUTH-WG] OAuth Token Swap (token chaining)
Brian Campbell <bcampbell@pingidentity.com> Tue, 24 March 2015 12:55 UTC
Return-Path: <bcampbell@pingidentity.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8DACC1A00DC for <oauth@ietfa.amsl.com>; Tue, 24 Mar 2015 05:55:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.557
X-Spam-Level:
X-Spam-Status: No, score=-2.557 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, MISSING_HEADERS=1.021, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uyP_zhHt5hZk for <oauth@ietfa.amsl.com>; Tue, 24 Mar 2015 05:55:41 -0700 (PDT)
Received: from na3sys009aog111.obsmtp.com (na3sys009aog111.obsmtp.com [74.125.149.205]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E6D6E1A00BF for <oauth@ietf.org>; Tue, 24 Mar 2015 05:55:40 -0700 (PDT)
Received: from mail-ie0-f179.google.com ([209.85.223.179]) (using TLSv1) by na3sys009aob111.postini.com ([74.125.148.12]) with SMTP ID DSNKVRFezIMNyVvz27+lxiJ4GOknCGGydPeC@postini.com; Tue, 24 Mar 2015 05:55:40 PDT
Received: by iecvj10 with SMTP id vj10so59318669iec.0 for <oauth@ietf.org>; Tue, 24 Mar 2015 05:55:40 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:cc:content-type; bh=d3qUSJkhZ76wyoqnXun+g70YRYNccypcbb7p1+9xYP4=; b=P71OsYpg6xUadB4EEhgd7IhlO3AMMZyEvRwUrQR2cJxfsVgINBuTEq65rHqLRkBEll Sz/P9HWVrzxs7QLjZX6U9+mvOh452Ha9xqfM8CR2g1h71/xHeWs8kohxQDJCpKMwvCcy FCAy8tMD55/p9uTHW7jLkM2t4XYhD4Fpa7g9PKNP3I+wqArq3841zOFxxMzlf0fDN3xn JuP382ZTJbE5Dq3Cph+cra0Ycsr2XHVymgM10NiM3SF6a7dmRmqPpgSr1/iLIVx1bUpM xJwsC24bI/9bvruQPsi0RUYixgqDQL0Mcx6VHgifpir+2pV+KROf3+EjG7WoEkwByhqs 5amw==
X-Gm-Message-State: ALoCoQmRxiI7lKzahJ7A9f40v6cShBsXUia3Wi4NMVm5q3P1argKMYhKJcpQk5CWrZ/Ib2QwjC3H1pBRRiaKXY0Af/WoAvto01VFU8yCseR8rkhqQc9bjzsNDOn+VSTSbEN4K2DPnew+
X-Received: by 10.50.1.48 with SMTP id 16mr22135319igj.45.1427201740309; Tue, 24 Mar 2015 05:55:40 -0700 (PDT)
X-Received: by 10.50.1.48 with SMTP id 16mr22135309igj.45.1427201740194; Tue, 24 Mar 2015 05:55:40 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.64.7.193 with HTTP; Tue, 24 Mar 2015 05:55:10 -0700 (PDT)
In-Reply-To: <0C7C1508-DA58-4832-B755-F8BA1F153894@mit.edu>
References: <0C7C1508-DA58-4832-B755-F8BA1F153894@mit.edu>
From: Brian Campbell <bcampbell@pingidentity.com>
Date: Tue, 24 Mar 2015 07:55:10 -0500
Message-ID: <CA+k3eCTW_hgw_T4JNpJ8mgAo5oOW7BPMZ7DgJoB8Cvye6x7iwg@mail.gmail.com>
Cc: "<oauth@ietf.org>" <oauth@ietf.org>
Content-Type: multipart/alternative; boundary="047d7bdc12b0bf5b170512084c93"
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/xvS7ff-NVL2rTkZ6wqMB0iq-oKE>
Subject: Re: [OAUTH-WG] OAuth Token Swap (token chaining)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 Mar 2015 12:55:42 -0000
And here's the somewhat different take on token exchange that I mentioned yesterday: https://tools.ietf.org/html/draft-campbell-oauth-sts-01 A little more background, context, and discussion about it can be seen following the thread on the Call for Adoption of "OAuth 2.0 Token Exchange" as an OAuth WG Item: https://www.ietf.org/mail-archive/web/oauth/current/msg13236.html https://www.ietf.org/mail-archive/web/oauth/current/msg13305.html ... etc ... https://www.ietf.org/mail-archive/web/oauth/current/msg13311.html ... etc. On Mon, Mar 23, 2015 at 2:40 PM, Justin Richer <jricher@mit.edu> wrote: > As mentioned in today’s IETF meeting, here are the two drafts dealing with > generic token swap: > > https://tools.ietf.org/html/draft-hunt-oauth-chain-01 > https://tools.ietf.org/html/draft-richer-oauth-chain-00 > > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth > >
- [OAUTH-WG] OAuth Token Swap (token chaining) Justin Richer
- Re: [OAUTH-WG] OAuth Token Swap (token chaining) Brian Campbell
- Re: [OAUTH-WG] OAuth Token Swap (token chaining) Bill Burke
- Re: [OAUTH-WG] OAuth Token Swap (token chaining) Phil Hunt